$230M WazirX Hack May Be Linked to Lazarus Group, Blockchain Researchers Say
India’s largest cryptocurrency exchange lost $230 million in a security breach, with blockchain investigator ZachXBT saying the attack “shows potential signs of a Lazarus Group attack.”
The WazirX team called the attack a “force majeure event” beyond their control.
Published on July 19, 2024 at 01:03 EST.
WazirX, India’s largest cryptocurrency exchange, lost nearly half of its total assets after a security breach on Thursday.
“We are aware that one of our multisig wallets has suffered a security breach. Our team is actively investigating the incident. To ensure the safety of your assets, INR and crypto withdrawals will be temporarily suspended,” the WazirX team said on X.
Blockchain analytics platform Arkham estimated that $235 million in funds were stolen by hackers, sharing a list of wallet addresses associated with the attackers’ activities on the blockchain.
The WazirX team then shared an update with its preliminary findings on how the attack unfolded. According to its estimates, the loss of funds exceeded $230 million. The team said that the cyberattack targeted one of its multisig wallets, which used Liminal’s digital asset custody and wallet infrastructure services.
WazirX noted that the root cause of the attack was a discrepancy between the information displayed on the Liminal interface and what was actually signed.
“We had strong security features in place, including the Gnosis Safe multisig smart contract platform and Liminal’s whitelisting policy. While we took all necessary measures to protect client assets, cyber attackers appear to have likely breached those security features and the theft occurred,” the WazirX team said.
“This is a force majeure event beyond our control, but we will leave no stone unturned to locate and recover the funds.”
As for the hacker’s identity, blockchain security researchers had a common theory: the North Korean state-sponsored Lazarus Group.
Polygon’s Chief Information Security Officer, Mudit Gupta, found that the attackers had begun practicing the onchain attack at least eight days ago, noting that the “methodical and organized” nature of the attack pointed toward North Korean hackers.
Blockchain investigator ZachXBT came to a similar conclusion after tracking the hacker’s activity.
“All I can say is that the WazirX hack has the potential signs of a Lazarus Group attack (again),” ZachXBT said on X.